首页 科技问答 陈阳,某局点F5000-M save force告警

陈阳,某局点F5000-M save force告警

科技问答 406
1676540621,

组网及说明

不涉及

问题描述

两台防火墙HA,在主墙上输入save force后,主备墙均会一直刷如下告警:

%Dec  6 16:44:22:129 2022 F5000-M-2 SHELL/6/SHELL_CMD: -Line=-IPAddr=**-User=**; Command is system-view

%Dec  6 16:44:22:132 2022 F5000-M-2 SHELL/6/SHELL_CMD: -Line=-IPAddr=**-User=**; Command is save force

%Dec  6 16:44:23:585 2022 F5000-M-2 SHELL/6/SHELL_CMD: -Line=-IPAddr=**-User=**; Command is return

%Dec  6 16:44:25:448 2022 F5000-M-2 SHELL/4/SHELL_CMD_MATCHFAIL: -User=**-IPAddr=**; Command return in view shell failed to be matched.

%Dec  6 16:44:25:449 2022 F5000-M-2 SHELL/6/SHELL_CMD: -Line=-IPAddr=**-User=**; Command is system-view

%Dec  6 16:44:25:452 2022 F5000-M-2 SHELL/6/SHELL_CMD: -Line=-IPAddr=**-User=**; Command is save force

%Dec  6 16:44:26:940 2022 F5000-M-2 SHELL/6/SHELL_CMD: -Line=-IPAddr=**-User=**; Command is return

%Dec  6 16:44:28:742 2022 F5000-M-2 SHELL/4/SHELL_CMD_MATCHFAIL: -User=**-IPAddr=**; Command return in view shell failed to be matched.

%Dec  6 16:44:28:745 2022 F5000-M-2 SHELL/6/SHELL_CMD: -Line=-IPAddr=**-User=**; Command is system-view

%Dec  6 16:44:28:750 2022 F5000-M-2 SHELL/6/SHELL_CMD: -Line=-IPAddr=**-User=**; Command is save force

%Dec  6 16:44:31:351 2022 F5000-M-2 SHELL/6/SHELL_CMD: -Line=-IPAddr=**-User=**; Command is return

%Dec  6 16:44:33:093 2022 F5000-M-2 SHELL/4/SHELL_CMD_MATCHFAIL: -User=**-IPAddr=**; Command return in view shell failed to be matched.

%Dec  6 16:44:33:098 2022 F5000-M-2 SHELL/6/SHELL_CMD: -Line=-IPAddr=**-User=**; Command is system-view

%Dec  6 16:44:33:110 2022 F5000-M-2 SHELL/6/SHELL_CMD: -Line=-IPAddr=**-User=**; Command is save force

%Dec  6 16:44:34:624 2022 F5000-M-2 SHELL/6/SHELL_CMD: -Line=-IPAddr=**-User=**; Command is return

%Dec  6 16:44:36:441 2022 F5000-M-2 SHELL/4/SHELL_CMD_MATCHFAIL: -User=**-IPAddr=**; Command return in view shell failed to be matched.

过程分析

查看两台设备的诊断信息,发现两台设备的配置均为primary,与现场反馈的HA状态正常有冲突

remote-backup group

data-channel interface Route-Aggregation64

configuration sync-check interval 12

delay-time 10

local-ip 100.100.30.1

remote-ip 100.100.30.2

device-role primary

 

remote-backup group

data-channel interface Route-Aggregation64

configuration sync-check interval 12

delay-time 10

local-ip 100.100.30.2

remote-ip 100.100.30.1

device-role primary


后续了解到HA状态部署完成时是正常的,但是后续刷配置时,将HA的配置刷错了,导致最开始时查看HA状态正常,但是刷完配置后,开始出现上述故障,将配置修改为一主一备后,再测试save force已正常。

解决方法

将HA的配置改为一主一备。

CRM论坛(CRMbbs.com)——一个让用户更懂CRM的垂直性行业内容平台,CRM论坛致力于互联网、客户管理、销售管理、SCRM私域流量内容输出5年。 如果您有好的内容,欢迎向我们投稿,共建CRM多元化生态体系,创建CRM客户管理一体化生态解决方案。本文来源:知了社区基于知识共享署名-相同方式共享3.0中国大陆许可协议,某局点F5000-M save force告警
双机热备 NGFW防火墙

相关推荐

热门文章

广告

文章目录

    标签列表

    扫码二维码

    本站内容源自互联网,如有内容侵犯了您的权益,请联系删除相关内容。

    Copyright © 2019-2023 CRM论坛. All Rights Reserved. |文章投稿|关于CRM论坛|豫ICP备17017144号
    Theme By CATBEI